Freddy Freeloader wrote:
I'm trying to figure out how to create both frontend and backend networks in xen. By that I mean a publicly available network for internet access and a virtual network for communication between guests only that has no internet or other network access.
Here's what I've done in attempting to add the second virtual network.

1.  Created dummy0 interface in /etc/network/interfaces in Dom0.
2. In /etc/xen/xend-config.sxp pointed (network-bridge) to the script below. 3. Created a script in /etc/xen/scripts to start up both xenbr0 and xenbr1. xenbr0 is the default bridge and xenbr1 is created on dummy0. The script is from an example in Running Xen on how to create multiple bridges. 4. Added the mac and xenbr info for xenbr1 to the "vif = (blah, blah, blah)" line in the domain.cfg file in /etc/xen.

This results in losing all network connectivity to and from the guest OS. It also leads me to believe I should probably be creating this second interface in /etc/xen-tools/xen-tools.conf so that the second interface would be created in the guest by xen-create-image, but I can find no documentation on how to do this.
The guest only shows eth0 and lo in /etc/network/interfaces.

"brctl show" lists two bridges.
bridge name    bridge id        STP enabled    interfaces
eth1        8000.00e04da05951    no            peth1
xenbr1        8000.feffffffffff          no            vif2.0


Can anyone either give me an example to look at or point me to a how-to on this?
Just in case anyone else runs into this issue.

You cannot use dynamic mac address creation, at least not when creating a purely virtual network and a network that has a public IP address. It seems to work OK in a DomU that has a single interface, but when there is more than one interface in a DomU it breaks networking. You can do thos by modifying the vif = line in /etc/xen/domain.name.cfg file. Use only the mac address and bridge data for each interface and make sure you delineate each interface with single quotes. (The examples I had seen did not do that and it results in only one vif being created in the DomU.) Or, you can use "xm network-attach mac=xx:xx:xx:xx:xx:xx bridge=bridge-name". You cannot use the ip=xxx.xxx.xxx.xxx option in "xm network-attach" as that functionality is broken. However, for xm network-attach to reattach the network to the DomU automatically after rebooting the DomU or Dom-0 you must script it. It's also much easier to create the second bridge manually in Dom-0 in /etc/network/interfaces using pre-up, post-down, and brctl. And, it's easier to just manually assign the ip addresses for each network device in /etc/network/interfaces in each DomU. Here's an example on the bridge creation in Dom-) in /etc/network/interfaces.
auto brtest
iface brtest inet static
   address 10.0.0.1
   netmask 255.255.255.0
   pre-up brctl addbr brtest
   post-down ifconfig brtest down
   post-down brctl delbr brtest

The above example allows the DomU's to communicate with Dom-0 using this bridge. You can stop the DomU's from communicating with Dom-0 over this interface like this:

auto brtest
iface brtest inet manual
   pre-up brctl addbr brtest
   post-down ifconfig brtest down
   post-down brctl delbr brtest

Anyway, I hope this helps someone else. I beat my head against a wall for long time over this. Between xen bugs, xen-tools bugs, and lack of good documentation, getting xen up and running in anything other than a default configuration on Debian isn't for the faint of heart.


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to